Описание
The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gpac | fixed | 1.0.1+dfsg1-2 | package | |
| gpac | not-affected | buster | package | |
| gpac | not-affected | stretch | package |
Примечания
https://github.com/gpac/gpac/issues/1423
https://github.com/gpac/gpac/commit/e90526f3d2ec0dee4cddc5244eb115668f10341f
Vulnerable code was subsequently removed upstream.
EPSS
Связанные уязвимости
The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
Уязвимость функции gf_dash_segmenter_probe_input команды MP4Box мультимедийной платформы GPAC, позволяющая нарушителю вызвать отказ в обслуживании
EPSS